130931 matches found

CNVD
• added 2025/10/30 12:0 a.m. • 3 views

D-Link DIR600L formAutoDetecWAN_wizard4 function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 | AI score 7.3 | EPSS 0.0034
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 3 views

Google Chrome Heap Buffer Overflow Vulnerability

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from a heap buffer overflow vulnerability that stems from a heap buffer overflow issue in the WebGPU component. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause denial of heap...

CVSS 8.8 | AI score 6.5 | EPSS 0.0028
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 2 views

Google Chrome on Android Omnibox Improperly Implemented Vulnerability

Google Chrome on Android is a mobile browser from Google, optimized for Android devices, offering fast browsing, smart search, privacy protection and cross-device syncing. Google Chrome on Android suffers from an Omnibox mal-implementation vulnerability that can be exploited by attackers to cause...

CVSS 6.3 | AI score 6.7 | EPSS 0.00192
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 3 views

JeecgBoot Path Traversal Vulnerability

JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot has a path traversal vulnerability that stems from a path traversal vulnerability in the interface...

CVSS 6.3 | AI score 5.9 | EPSS 0.00239
Exploits: 1 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 2 views

D-Link DIR600L formVirtualServ Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 | AI score 7.3 | EPSS 0.0034
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 4 views

D-Link DIR600L formSetEasy_Wizard Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

CVSS 7.5 | AI score 7.3 | EPSS 0.00336
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 7 views

D-Link DIR600L formSetEmail Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

CVSS 7.5 | AI score 7.3 | EPSS 0.0034
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 2 views

MediaWiki CookieConsent Extension Cross-Site Scripting Vulnerability

The MediaWiki CookieConsent Extension is an extension for the MediaWiki platform whose main function is to manage the site's cookie policy and user consent mechanisms. MediaWiki CookieConsent Extension suffers from a cross-site scripting vulnerability that stems from the application's lack of...

CVSS 2.1 | AI score 6.1 | EPSS 0.00267
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 4 views

Mozilla Firefox for iOS Information Disclosure Vulnerability

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. An information disclosure vulnerability exists in Mozilla Firefox for iOS, which is caused due to incorrect sharing of cookie storage for non-HTML temporary documents with normal browsing content...

CVSS 4 | AI score 5.9 | EPSS 0.00109
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 1 view

D-Link DIR600L formSetPortTr Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. D-Link DIR600L suffers from a buffer overflow vulnerability, which originates from t...

CVSS 7.5 | AI score 7.3 | EPSS 0.0034
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 11 views

WordPress Plugin Quickcreator Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Quickcreator, which stem...

CVSS 7.5 | AI score 5.7 | EPSS 0.00304
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 2 views

D-Link DIR600L formWlSiteSurvey Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 | AI score 7.3 | EPSS 0.0034
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 4 views

D-Link DIR600L formSetWizard1 Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 | AI score 7.3 | EPSS 0.0034
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 4 views

D-Link DIR600L formTcpipSetup Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 | AI score 7.3 | EPSS 0.0034
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 4 views

Mozilla Firefox Security Bypass Vulnerability (CNVD-2025-26888)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security bypass vulnerability caused by an integer overflow in the Graphics:Canvas2D component. An attacker could exploit this vulnerability to cause a sandbox escape...

CVSS 8.6 | AI score 7 | EPSS 0.00246
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 4 views

Google Chrome Reuse After Release Vulnerability

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from a post-release reuse vulnerability that can be exploited by an attacker to perform out-of-bounds memory access via a carefully constructed HTML page...

CVSS 3.1 | AI score 6.8 | EPSS 0.00231
Exploits: 0 | References: 1
CNVD
• added 2025/10/30 12:0 a.m. • 3 views

D-Link DIR600L formSetWizardSelectMode function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 | AI score 7.3 | EPSS 0.0034
Exploits: 0 | References: 1
CNVD
• added 2025/10/29 12:0 a.m. • 2 views

Unspecified Vulnerability in ISC BIND 9

ISC BIND 9 is a domain name system software from the ISC organization. A security vulnerability exists in ISC BIND 9 that stems from a weakness in the pseudo-random number generator, which can be exploited by an attacker to cause prediction of source ports and query IDs...

CVSS 8.6 | AI score 6.8 | EPSS 0.00454
Exploits: 0 | References: 1
CNVD
• added 2025/10/29 12:0 a.m. • 3 views

Dell Storage Manager XML External Entity References Improperly Restricted Vulnerability

Dell Storage Manager is a centralized storage management tool from Dell that is used to manage storage devices such as SC Series, PS Series and FluidFS, providing unified monitoring, configuration and replication capabilities. An XML External Entity Reference Improper Restriction vulnerability...

CVSS 6.5 | AI score 6.7 | EPSS 0.00297
Exploits: 0 | References: 1
CNVD
• added 2025/10/29 12:0 a.m. • 4 views

Microsoft Azure Event Grid System Access Control Error Vulnerability

Microsoft Azure Event Grid System is a fully managed event routing service system from Microsoft Corporation, USA. The Microsoft Azure Event Grid System is vulnerable to an access control error vulnerability that stems from improper access control and could lead to elevation of privilege. An...

CVSS 9.8 | AI score 6.8 | EPSS 0.00346
Exploits: 0 | References: 1
CNVD
• added 2025/10/29 12:0 a.m. • 3 views

Dell Storage Manager Improper Authentication Vulnerability

Dell Storage Manager is a centralized storage management tool from Dell that is used to manage storage devices such as SC Series, PS Series and FluidFS, providing unified monitoring, configuration and replication capabilities. An improper authentication vulnerability exists in Dell Storage Manage...

CVSS 9.8 | AI score 9.3 | EPSS 0.00821
Exploits: 0 | References: 1
CNVD
• added 2025/10/29 12:0 a.m. • 2 views

ISC BIND 9 Denial of Service Vulnerability

ISC BIND 9 is a domain name system software from the ISC organization. A denial of service vulnerability exists in ISC BIND 9, which arises from improper resource consumption when processing malformed DNSKEY records in specially crafted zones, and can be exploited by an attacker to cause CPU...

CVSS 7.5 | AI score 6.7 | EPSS 0.1096
Exploits: 0 | References: 1
CNVD
• added 2025/10/29 12:0 a.m. • 4 views

Unspecified Vulnerability in ISC BIND 9 (CNVD-2025-26736)

ISC BIND 9 is a domain name system software from the ISC organization. A security vulnerability exists in ISC BIND 9, which arises from an overly lax acceptance of response records, and can be exploited by an attacker to cause forged data to be injected into the cache...

CVSS 8.6 | AI score 6.8 | EPSS 0.00509
Exploits: 1 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 3 views

WordPress Captivate Sync plugin deserialization vulnerability

WordPress Captivate Sync plugin is a WordPress plugin developed by Captivate, which belongs to RebelBaseMedia's products and is mainly used to simplify the Podcast management process. WordPress Captivate Sync plugin suffers from a deserialization vulnerability that stems from unsafe deserializati...

CVSS 9.8 | AI score 7.5 | EPSS 0.00529
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 13 views

WordPress plugin Addison deserialization vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. A deserialization vulnerability exists in the WordPress plugin Addison, which arises from unsaf...

CVSS 9.8 | AI score 6.8 | EPSS 0.00529
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 3 views

WordPress All in One Time Clock Lite plugin unsafe direct object reference vulnerability

WordPress All in One Time Clock Lite plugin is a plugin for tracking employee attendance and supports employee/volunteer/contractor punch record management. The WordPress All in One Time Clock Lite plugin suffers from an insecure direct object reference vulnerability that stems from the applicati...

CVSS 4.3 | AI score 6.8 | EPSS 0.00178
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress Buddypress Plugin Missing Authorization Vulnerability

WordPress Buddypress Plugin is an open source social networking plugin developed by Automattic the parent company of WordPress for converting WordPress websites into fully functional social platforms. WordPress Buddypress Plugin suffers from a lack of authorization vulnerability, no details of th...

CVSS 7.5 | AI score 6.8 | EPSS 0.00391
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 5 views

WordPress Advanced Coupons for WooCommerce Coupons plugin SQL Injection Vulnerability

WordPress Advanced Coupons for WooCommerce Coupons plugin is a free plugin designed for WooCommerce to enhance e-commerce marketing by extending coupon functionality. WordPress Advanced Coupons for WooCommerce Coupons plugin suffers from a SQL injection vulnerability that stems from the...

CVSS 7.6 | AI score 8.3 | EPSS 0.00328
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 3 views

WordPress Plugin Academy LMS Elevation of Privilege Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress plugin Academy LMS due to the...

CVSS 8.1 | AI score 6.8 | EPSS 0.00367
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 4 views

TOTOLINK N600R setWiFiMultipleConfig function stack buffer overflow vulnerability

TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz dual-band concurrency with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a stack buffer overflow vulnerability, which stems from the wepkey2...

CVSS 7.5 | AI score 7.2 | EPSS 0.00447
Exploits: 1 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 4 views

TOTOLINK N600R main function null pointer dereference vulnerability

TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz dual-band concurrency with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a null pointer dereference vulnerability, which stems from the presen...

CVSS 7.5 | AI score 6.8 | EPSS 0.01989
Exploits: 1 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 1 view

TOTOLINK N600R sub_41773C function null pointer dereference vulnerability

TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz dual-band concurrency with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a null pointer dereference vulnerability, which stems from the presen...

CVSS 7.5 | AI score 6.8 | EPSS 0.01654
Exploits: 1 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress Billey plugin file inclusion vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Billey plugin, which stems from improper control over the filename of include or require statements, and can be exploited ...

CVSS 8.1 | AI score 6.9 | EPSS 0.00488
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress Plugin MasterStudy LMS Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin MasterStudy LMS, which...

CVSS 5 | AI score 5.7 | EPSS 0.00281
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 3 views

WordPress CF7 Auto Responder Addon plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress CF7 Auto Responder Addon plugin, which stems from the application's lack of effective filtering and escaping of...

CVSS 7.1 | AI score 6 | EPSS 0.00221
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 4 views

TOTOLINK N600R setWiFiBasicConfig function stack buffer overflow vulnerability

TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz dual-band concurrency with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a stack buffer overflow vulnerability, which stems from the failure o...

CVSS 7.5 | AI score 7.2 | EPSS 0.00537
Exploits: 1 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 3 views

WordPress Plugin Accordion Missing Authorization Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. A lack of authorization vulnerability exists in the WordPress plugin Accordion, which can be...

CVSS 6.3 | AI score 6.5 | EPSS 0.00288
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress Calendar Plus plugin cross-site scripting vulnerability

WordPress Calendar Plus plugin is a calendar plugin for WordPress to create and manage event calendars. WordPress Calendar Plus plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...

CVSS 7.1 | AI score 6.1 | EPSS 0.00228
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 1 view

WordPress AnyComment plugin SQL Injection Vulnerability

WordPress AnyComment plugin is a WordPress comment plugin based on React development, focusing on simplicity and speed. It provides basic commenting functionality and supports seamless migration from other plugins e.g. Jetpack, wpDiscuz, etc. and can be supported through GitHub or VK community...

CVSS 8.5 | AI score 8.3 | EPSS 0.00386
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 4 views

WordPress Plugin IDonatePro Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress plugin IDonatePro, which stems from...

CVSS 6.5 | AI score 5.7 | EPSS 0.00314
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 1 view

WordPress Clanora plugin file upload vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. A file upload vulnerability exists in the WordPress Clanora plugin that stems from the application's lack of effective validation of uploaded files. The vulnerability can be...

CVSS 10 | AI score 7.8 | EPSS 0.00565
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress bbp-move-topics plugin cross-site scripting vulnerability

WordPress bbp-move-topics plugin is an open source forum plugin for WordPress, developed by Automattic, supports users to manage forums through the WordPress backend. WordPress bbp-move-topics plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...

CVSS 7.1 | AI score 6.1 | EPSS 0.00228
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 3 views

WordPress Plugin Captcha.eu Server-Side Request Forgery Attack Vulnerability

WordPress Plugin Captcha.eu is a CAPTCHA plugin for the WordPress platform, which is mainly used to prevent bots from attacking and is also compliant with GDPR General Data Protection Regulation. WordPress Plugin Captcha.eu suffers from a server-side request forgery attack vulnerability that stem...

CVSS 5.3 | AI score 7.1 | EPSS 0.00195
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 1 view

WordPress Plugin WP Gmail SMTP Message Leakage Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP Gmail SMTP, which...

CVSS 5.8 | AI score 5.8 | EPSS 0.00271
Exploits: 0
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress AppExperts plugin information disclosure vulnerability

WordPress AppExperts plugin is a plugin for converting WordPress websites to iOS and Android mobile apps, with support for converting WooCommerce e-commerce platform features. WordPress AppExperts plugin suffers from an information disclosure vulnerability that originates from the insertion of...

CVSS 5.8 | AI score 6.2 | EPSS 0.00271
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 3 views

WordPress Plugin Acknowledgify Missing Authorization Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. A lack of...

CVSS 4.3 | AI score 6.7 | EPSS 0.00218
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress Blockspare plugin sensitive information insertion vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. The WordPress Blockspare plugin suffers from a sensitive information insertion vulnerability that originates from inserting sensitive information in sent data, which can be...

CVSS 4.3 | AI score 6.5 | EPSS 0.00253
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress plugin easy-post-submission information disclosure vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin easy-post-submission,...

CVSS 5.3 | AI score 5.7 | EPSS 0.00177
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 2 views

WordPress Plugin Simple Job Board Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Job Board, which...

CVSS 7.5 | AI score 5.7 | EPSS 0.00356
Exploits: 0 | References: 1
CNVD
• added 2025/10/24 12:0 a.m. • 3 views

WordPress BugsPatrol plugin deserialization vulnerability

WordPress BugsPatrol plugin is a WordPress theme designed for pest control services, offering the ability to create professional pest control company websites that support the presentation of pest management services in business, home and other scenarios. WordPress BugsPatrol plugin suffers from ...

CVSS 9.8 | AI score 7.6 | EPSS 0.00541
Exploits: 0 | References: 1

Total number of security vulnerabilities: 130931